Information leakage of WHOIS entries for Google Apps domains
Talos (Cisco) researchers have detected that, since mid 2013, private information from WHOIS entries managed by Google Apps, through eNom, has been publicly accessible. This flaw has affected 282.867 domains that had been registered making use of the privacy protection option offered by Google.
This information could by used by cybercriminals as a support for social engineering techniques, such as spear phishing attacks.
References:
- 12/03/2015 blogs.cisco.com Talos Discovery Spotlight: Hundreds of Thousands of Google Apps Domains’ Private WHOIS Information Disclosed
- 13/03/2015 arstechnica.com Epic Google snafu leaks hidden whois data for 280,000 domains
- 13/03/2015 theregister.co.uk Google tells world where Apps users live after WHOIS SNAFU